Security considerations

This topic provides a brief overview of the security aspects of BMC Helix Capacity Optimization. It is intended to provide administrators with the information required to run BMC Helix Capacity Optimization in their environment securely. 

BMC Helix Capacity Optimization includes both the cloud and on-premises components. You can install the on-premises components to collect data from your on-premises environment. For details, see Architecture.

Security considerations for on-premises components

• Communication between the on-premises components and BMC Helix Capacity Optimization is always encrypted, and sent over HTTPS.
• Communication between the on-premises components and BMC Helix Capacity Optimization is always initiated by on-premises components. 
• Using the API key and Helix host URL while installing the Remote ETL Engine ensures that:
  
  • The connection between the Remote ETL Engine and BMC Helix Capacity Optimization is authenticated.
  • BMC Helix Capacity Optimization connects only with the registered Remote ETL Engines.
• Using BMC Helix Client Gateway ensures that you can securely connect to your on-premises Gateway Server. 
• BMC Helix Capacity Optimization uses the following ports: 
  • Port 443: The communication established from the Remote ETL Engine to BMC Helix Capacity Optimization is only through port 443 on HTTPS. 
  • Port numbers defined in the Client Gateway configuration file (WebSocket) for the Gateway Server.
    
    

Arrows in this diagram represent the direction in which the connection is made to open the ports.

Security considerations for BMC Helix Capacity Optimization in the cloud

BMC Helix Capacity Optimization follows the security guidelines documented in the Security section.